[apparmor] [RFC PATCH 1/1] libapparmor: Create man page for aa_stack_profile()/aa_stack_onexec()
Seth Arnold
seth.arnold at canonical.com
Wed Jan 27 03:54:14 UTC 2016
On Tue, Jan 26, 2016 at 03:17:19PM -0600, Tyler Hicks wrote:
> > > 2. stack_onexec, stack delayed until exec applied pre-exec transitions
> > > A -- stack_onexec B -- exec apply stack -- A//&B -- exec trans --> C//&D
> Do you feel like #2 is still useful? I don't want to put words in John's
> mouth (so correct me if I'm wrong, John) but I feel like he and I were
> focusing on #1 and #3.
No, I don't think #2 is worth keeping. It feels too confusing. If the
program author wants this behaviour, aa_stack_profile() would allow the
B -> D transition at exec time, though the intermediate behaviour would
be different.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160126/b89e499c/attachment.pgp>
More information about the AppArmor
mailing list